How to Block a Massive DDoS Attack

by | Jul 6, 2020

DDOS attack

The key message that came through at the Akamai Edge Live APAC Virtual Summit 2020 on July 2, 2020, was that the nature of cyberattacks on organizations was growing in scale and sophistication. And the only way to contain these attacks and mitigate the impact was to opt for automation, sophisticated monitoring tools, and expertise provided by security operations centers (SOCs) and managed service providers (MSPs).

Dr. Tom Leighton, CEO and Co-Founder, Akamai

Dr. Tom Leighton, CEO and Co-Founder, Akamai

Delivering the keynote, Dr. Tom Leighton, CEO and Co-Founder, Akamai, spoke about Internet security and some of the trends observed in the past few months.  Dr. Leighton said, “There is a lot of business disruption out there… companies are dealing with the new reality. There are workforces working remotely, people are unable to travel, and this is creating a lot of security concerns. The trends that we are seeing on the Internet have been pretty much stable over the past few months. Traffic continues to be at a very high level and the attack rates continue to be very high. The bad actors are not disrupted by having to work remotely because they have been doing it for a long time, and they are trying to take advantage of the new situation, where the security levels could be lower with remote workforces.”

Dr. Leighton pointed out that there were a lot of DDoS attacks happening and companies in all industries were getting attacked. In recent weeks, there were targeted DDoS attacks on gaming companies, financial services, and internet and telecom firms.

He gave an example of a global DDoS attack against an internet hosting provider on June 4. The attack was huge and was directing 385 million packets per second at the server or 1.44 Tbps (Terabits per second) over a two-hour stretch; there were 9 different attack vectors. Dr. Leighton said the bulk of the attack was “automatically and instantly mitigated” by Akamai Prolexic Services, which is a DDoS mitigation service for Terabit scale attacks. The remainder was mitigated by Akamai’s SOCC (global Security Operations Command Center).

“Our customer was able to maintain operations through a large DDoS attack,” said Dr. Leighton. The point he was trying to make was, the attacks are getting more sophisticated and targeted, and no single organization can block these on its own. DDoS attacks can be contained only with SOCC expertise and managed services, with automated capabilities.

Dr. Leighton also disclosed an on-going attack against a major gaming company. “There are 30 billion bot requests against this website and 6 billion malicious login attempts. These anomalies were identified and blocked by the Akamai Bot Manager and Akamai SOCC,” informed Dr. Leighton.

He also noted that web application attacks have grown 42% year-on-year. Web apps and their APIs continue to be exploited. Commerce, high-tech and financial services are the most targeted sectors for these types of attacks.

“Credential abuse attempts have nearly doubled compared to last year.  Credential abuse attacks are the toughest and criminals are trying to take over accounts to steal merchandise, personal information, and money,” said Dr. Leighton.

The other type of attack that is increasing is malware injected by third-party scripts on retail websites. This is called Formjacking and the MageCart malware is the most infamous example.

“Third and fourth parties add their scripts to a shopping website, so most of what comes to a customer’s browser isn’t authored by the shopping website,” said Dr. Leighton. “61% of desktop content and 68% of mobile content comes from third parties.”

Compromised third-party scripts and domains can result in data breaches wherein customer credentials and card details are stolen.

John Summers, SVP and CTO, Akamai said there are typically 20 – 50 Javascripts executing on customers’ browsers when a web page downloads at their end. And each Javascript calls additional fourth and fifth-party scripts to enhance the customer experience.

Akamai offers a tool for anyone to test their page integrity at akamai.com/pageintegrity. With this tool, one can determine where their third-party and fourth-party content is coming from.

Share This Article!

Brian Pereira
Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]
Recommended Posts
The First 90 Days Are Crucial for the CISO and CIO

This book arms you with insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

Similar Articles